Dear all m0n0wall experts,
I need some advice for my case. Recently my customer's company merged with
another company, and here is the case:
- Company A
  o Is the main company, must not change any network settings at all
  o Has its own Domain Controller under Windows 2003, and DHCP and DNS servers,
    all under Windows 2003
  o Uses m0n0wall 1.33 as the router to connect to the internet (fiber
    optic) with a static IP address of 121.x.x.x
  o Internal IP set is 192.168.x.x with 255.255.0.0 (more than 255
    computers)
- Company B
  o Is the merging company, can change some network settings, but preferably
    without merging the subnet with company A
  o Has its own domain controller, DHCP, and DNS under Windows 2003
  o Internet connection must share the internet from company A
  o Internal IP set is 192.169.x.x with 255.255.0.0 (more than 255
    computers)
My questions are:
1. Can I use m0n0wall as a router to bridge the two networks?
2. Will using an internal IP convention such as 192.168.x.x as the IP set
   be OK?
What I did:
At Company B:
1. I installed m0n0wall 1.22 in company B and set the WAN using a
   static address with IP 192.168.0.50 and the gateway pointing to
   192.168.0.5. LAN is set to 192.169.0.5.
2. Connecting to the internet from clients in Company B and to all PCs in
   company A was a success, but the weird thing is that if I ping using the
   m0n0wall Ping tool to any address 192.168.x.x it never gets through. Ping
   to the internet also failed. But all the clients can access all the
   192.168.x.x subnets and the internet. For the clients, we set IP addresses
   of 192.169.x.x with gateway 192.169.0.5 and DNS 192.169.0.5 and
   192.168.0.1 using DHCP at company B.
3. However, all the clients and m0n0wall at company A cannot access
   any devices in company B.
4. With the current settings of m0n0wall in company B, it seems that
   the DNS I set in m0n0wall is not used (not showing up), but in company A
   it is used well and shows up at the company B firewall (under Status -
   Interface - DNS Servers). Is this because my WAN is pointing to an
   internal IP? If I use an IP such as 10.x.x.x at Company A, would the DNS
   server list show up?
At company A, I did not change anything. Any tips on how to make both
companies able to communicate with one another + internet sharing?
All help is very much appreciated.
Here is the picture:
Company B                                   |  Company A
                                            |
Firewall B -----------------> Wifi Bridge   |  Wifi Bridge <----- Firewall A
WAN IP: 192.168.0.50/16                     |  WAN IP: 121.x.x.1/29 (ISP Public IP)
WAN Gateway: 192.168.0.5                    |  WAN Gateway: 121.x.x.28 --> Fiber Modem From ISP
DNS: 202.x.x.x, 192.168.0.5, 192.169.0.1    |  DNS: 202.x.x.x, 192.168.0.1, 192.168.0.5
LAN IP: 192.169.0.5                         |  LAN IP: 192.168.0.5
     |                                      |       |
   Switch                                   |     Switch
     |                                      |       |
PDC + DHCP + DNS + Users                    |  PDC + DHCP + DNS + Users
IP Sets: 192.169.x.x                        |  IP Sets: 192.168.x.x
Mask: 255.255.0.0                           |  Mask: 255.255.0.0
Gateway: 192.169.0.5                        |  Gateway: 192.168.0.5
DNS: 192.168.0.5, 192.169.0.1               |  DNS: 192.168.0.5, 192.168.0.1